Salesforce Admins, beware

Salesforce admins, beware

Most Salesforce admins didn’t sign up to be the first line of defense against phishing attacks.

But now? With the increase in phishing attacks specifically targeting Salesforce and changes to how privileged users can log in, teams are scrambling to batten down the hatches and keep their data from being exposed.

Salesforce security has moved from a minor talking point to a major pain point and if you’ve ever been improperly rushed into reactive security measures you know what that means.

Waking up to Slacks like “Hey… why can’t I log in??” or “Hey… did we get hacked???” or even“Hey… what’s MFA again????”.

To prep any newcomers and commiserate with those of us who’ve been on the receiving end of these kinds of questions, let’s share our worst Salesforce security or MFA horror stories.

You know:

😐 The rollout that locked out the entire sales team
😑 The exec who refused MFA… until it was too late
😶 The phishing attack that almost worked (or did)
🫥 The “temporary workaround” that became permanent

And don’t forget, phishing resistant MFA for privileged users in Salesforce goes live July 1 2026.

Get ready, or get ready to be blocked. 😵

ForecaaS Software

The Recurring Revenue Specialists for Salesforce

Questions?

© 2025. All rights reserved.

Privacy policy